CVE-2012-0236

Name of the Vulnerable Software and Affected Versions Advantech/BroadWin WebAccess versions 7.0 and earlier

Description The issue allows remote attackers to obtain sensitive information via a direct request to a URL. It is worth noting that the vendor does not consider this to be a security risk.

Recommendations For versions 7.0 and earlier, consider restricting access to sensitive information until the vendor reevaluates their stance on this issue. As a temporary workaround, limit direct requests to sensitive URLs to minimize the risk of information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.